Index: openacs-4/packages/forums/tcl/forums-security-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/forums/tcl/forums-security-procs.tcl,v diff -u -r1.11 -r1.12 --- openacs-4/packages/forums/tcl/forums-security-procs.tcl 27 Apr 2009 19:36:21 -0000 1.11 +++ openacs-4/packages/forums/tcl/forums-security-procs.tcl 27 Apr 2009 20:25:32 -0000 1.12 @@ -62,8 +62,12 @@ {-user_id ""} {-forum_id:required} } { - set magic_id [acs_magic_object registered_users] - return [expr { [permission::permission_p -party_id $user_id -object_id $forum_id -privilege admin] || [permission::permission_p -party_id $magic_id -object_id $forum_id -privilege create]} ] + if { $user_id eq "" } { + set magic_id [acs_magic_object registered_users] + return [expr { [permission::permission_p -party_id $user_id -object_id $forum_id -privilege admin] || [permission::permission_p -party_id $magic_id -object_id $forum_id -privilege create]} ] + } else { + return [permission::permission_p -party_id $user_id -object_id $forum_id -privilege create] + } } ad_proc -public require_post_forum { @@ -79,8 +83,12 @@ {-user_id ""} {-message_id:required} } { - set magic_id [acs_magic_object registered_users] - return [expr { [permission::permission_p -party_id $magic_id -object_id $message_id -privilege write] || [permission::permission_p -party_id $user_id -object_id $message_id -privilege admin] } ] + if { $user_id eq "" } { + set magic_id [acs_magic_object registered_users] + return [expr { [permission::permission_p -party_id $magic_id -object_id $message_id -privilege write] || [permission::permission_p -party_id $user_id -object_id $message_id -privilege admin] } ] + } else { + return [permission::permission_p -party_id $user_id -object_id $message_id -privilege write] + } } ad_proc -public require_post_message { @@ -152,12 +160,10 @@ if { !$array(admin_p) } { array set array [list moderate_p [forum::security::can_moderate_forum_p -forum_id $forum_id]] if { !$array(moderate_p) } { - if {$user_id eq ""} { - set user_id [ad_conn user_id] - } + # Set post_p according to permissions ... array set array [list post_p [forum::security::can_post_forum_p -forum_id $forum_id -user_id $user_id]] - # + # ... alternatively, we could use a parameter to behave like # in earlier versions just leave it is a reminder, if # someone still likes the old behavior. This code should be Index: openacs-4/packages/forums/www/forum-view.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/forums/www/forum-view.tcl,v diff -u -r1.31 -r1.32 --- openacs-4/packages/forums/www/forum-view.tcl 9 Nov 2008 23:29:26 -0000 1.31 +++ openacs-4/packages/forums/www/forum-view.tcl 27 Apr 2009 20:25:33 -0000 1.32 @@ -30,18 +30,13 @@ } forum::security::require_read_forum -forum_id $forum_id -forum::security::permissions -forum_id $forum_id permissions +forum::security::permissions -forum_id $forum_id -- permissions #it is confusing to provide a moderate link for non-moderated forums. if { $forum(posting_policy) ne "moderated" } { set permissions(moderate_p) 0 } -# get the colors from the params -set table_border_color [parameter::get -parameter table_border_color] -set table_bgcolor [parameter::get -parameter table_bgcolor] -set table_other_bgcolor [parameter::get -parameter table_other_bgcolor] - set admin_url [export_vars -base "admin/forum-edit" { forum_id {return_url [ad_return_url]}}] set moderate_url [export_vars -base "moderate/forum" { forum_id }] set post_url [export_vars -base "message-post" { forum_id }] Index: openacs-4/packages/forums/www/message-view.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/forums/www/message-view.tcl,v diff -u -r1.48 -r1.49 --- openacs-4/packages/forums/www/message-view.tcl 27 Apr 2009 19:36:21 -0000 1.48 +++ openacs-4/packages/forums/www/message-view.tcl 27 Apr 2009 20:25:33 -0000 1.49 @@ -35,7 +35,7 @@ set user_id [ad_conn user_id] forum::security::require_read_message -message_id $message_id -forum::security::permissions -forum_id $message(forum_id) -user_id $user_id permissions +forum::security::permissions -forum_id $message(forum_id) -- permissions # Check if the user has admin on the message set permissions(moderate_p) [forum::security::can_moderate_message_p -message_id $message_id]